package com.liy.supercloud.ssoclient.rs.filter;

import com.liy.framework.common.annotation.IgnoreUserToken;
import com.liy.framework.common.extvo.LoginInfo;
import com.liy.framework.common.extvo.ResultVO;
import com.liy.framework.common.extvo.TokenVo;
import com.liy.framework.common.utils.Tools;
import com.liy.supercloud.ssoclient.security.jwt.JwtTokenService;
import java.io.IOException;
import java.lang.reflect.Method;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import javax.ws.rs.ext.Provider;

import org.jboss.resteasy.core.ResourceMethodInvoker;
import org.jboss.resteasy.core.ResteasyContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

@Component
@Provider
public class AuthorizationRequestFilter implements ContainerRequestFilter {

    protected static Logger log = LoggerFactory.getLogger(AuthorizationRequestFilter.class);

    @Value("${dascloud.authrization.enabled: true}")
    private Boolean authrizationEnabled;

    @Value("${dascloud.authrization.token-header:JwtToken}")
    private String tokenName;

    @Autowired
    private JwtTokenService jwtTokenService;


    public void filter(ContainerRequestContext requestContext) throws IOException {
        log.info("jaxrs request filter：" + requestContext.getUriInfo().getAbsolutePath().toString());
        requestContext.setProperty("start_time", System.currentTimeMillis());
        if (this.authrizationEnabled) {
            String jwtToken = requestContext.getHeaderString("JwtToken");
            String authKey = requestContext.getHeaderString("AuthKey");
            MultivaluedMap<String, String> map = requestContext.getUriInfo().getQueryParameters();
            if (Tools.StringIsNullOrSpace(jwtToken)) {
                jwtToken = (String)map.getFirst("JwtToken");
            }

            if (Tools.StringIsNullOrSpace(authKey)) {
                authKey = (String)map.getFirst("AuthKey");
            }

            if (Tools.StringIsNullOrSpace(jwtToken)) {
                ResourceMethodInvoker methodInvoker = (ResourceMethodInvoker)requestContext.getProperty("org.jboss.resteasy.core.ResourceMethodInvoker");
                Method method = methodInvoker.getMethod();

                IgnoreUserToken ignoreUserToken = (IgnoreUserToken)method.getAnnotation(IgnoreUserToken.class);

                if (ignoreUserToken != null) {
                    return;
                }

                this.stopAccess(requestContext, "403", "未认证的请求");
            }

            try {
                LoginInfo loginInfo = this.jwtTokenService.getInfoFromToken(jwtToken);
                ResteasyContext.pushContext(LoginInfo.class, loginInfo);
                ResteasyContext.pushContext(TokenVo.class, null);
            } catch (Exception var8) {
                log.warn(var8.getMessage(), var8);
                this.stopAccess(requestContext, "401", "请求拒绝：未认证或认证失败!");
            }

        }
    }

    private void stopAccess(ContainerRequestContext requestContext, String code, String message) {
        requestContext.abortWith(Response.status(Status.UNAUTHORIZED).entity(new ResultVO(false, message, code)).build());
    }
}
